Incorrect Exam Questions Flashcards
What is cross-site scripting?
malicious script is inserted into a web page form, with the instructions that are issued to the server allowing unauthorised access to the personal information
What are some procedures to manage data and files?
1) Regular backups
2) Naming conventions of files/folders
3) Regular archiving
What are the advantages of the Agile model?
1) Clients are more included in the process
2) Allows adaptive design
3) Produces early visible results
Purpose of the SRS
To document the needs of the stakeholders and to indicate how the system is expected to perform
What are some risk management strategies?
1) Software auditing
2) Version control
3) Compliance checking in relation to the use of 3rd party sofware
What is affordance?
An attribute/characteristic of a solution that allow people to know how to use it (intuitiveness)
Which development model is best suited to projects involving changing scope, requirements, and few dependencies
Spiral
What does it mean if tasks are on the critical path?
Critical path is the longest time between start and finish of the timeline
Difference between a Method and an Event?
A method is a function within a class which can be called anytime, whereas an Event is a detected change of state, such as a user pressing enter
What data structure is most suitable to store multiple pieces of information?
Records
If you need to store thousands of values with all of the same type, what data structure would you use?
Arrays
Are archives stored in a short term or long term storage
Long term storage, compressed to preserve storage space
Purpose of a trace table
To test algorithms for logic errors that occur when the algorithm or program executes.
It allows the user to ‘step through’ the algorithm to track how variables change.
Factors that influence design
1) Usability
2) Affordability
3) Security
4) Interoperability
5) Marketability
Goal of usability testing
Usability testing is conducted to identify any usability problems by collecting quantitative and qualitative data and determining user satisfaction with the software system
Two advantages of XML Files in relation to reduce the risk of damaging data integrity
1) Reduces the risk of the data being corrupt during transfer, reducing the risk to its accuracy
2) The readability for humans, allowing the correctness to be manually verified
In a DFD and a UCD what is represented by a rectangle,
In a DFD= exteral entity
In a UCD= system boundary
What data flow cannot occur in a DFD?
External entity to data store, or data store to entity
If a network is running slower than usual, with no other problems to the software, what has likely happened to the network?
A trojan has entered the network, and is duplicating itself
What are 2 reasons for writing internal documentation for WRITING PROGRAMS THAT RUN EFFICIENTLY
1) It can assist in stepping through code, which may assist with developing a program more quickly
2) It is also not read by the computer, so writing the code does not make the program run less efficiently
Explain CamelCase
Words are combined together to form a single phrase, capitalising the first letter of each word without any whitespace inbetween them
Compare and contrast Records and arrays
Records group together variables for a particular purpose. An array also groups together variables under the same name which are accessed via an index. However, a record can hold multiple data types, but an array can only hold on data type.
Purpose of associative arrays
Associative arrays are used to represent the collection of data elements that can be retrieved by a key, through a (key, value) pair. Their operations include: add, remove, lookup.
What is a function and how does it differ from a procedure?
A function is a segment of code section of code that accepts parameters and returns a value and can be called from within the program, and generally returns a value whereas a procedure does not
Do physical objects appear on context diagrams? Why?
No, because there is no data flow
Difference between context diagram and UCD
Context diagrams are used to represent data flowing to and from external entities and the system. Whereas a UCD is used to represent the interactions with the system and the functional aspects of the system.
Why are both context diagrams and UCD’s required for thorough analysis
They both are required to fully understand not only the logical data flow but how users interact with the system
Distinguish between arrows in a context diagram and a line in a UCD
In a context diagram, the arrow indicates the direction of data flow, which is only one way
In a UCD, the lines represent an association between a role and a use case
What is a Class?
An object that has a number of methods and events associated with it
What exactly is a method?
Commands that can be used to directly interact with objects to change their behaviour
What is a statement in pseudocode?
A line of code that modifies a variables content, for instance:
A <- A + 2
Difference between a record and a file
A record is used to group together variables for a particular purpose and is able to hold multiple data types. A file is also used to store data, but can store large amounts of data that can be used at a later date.
What are the 3 activities that will occur in the Analysis stage?
1) Scope
2) Constraints
3) Functional/Non-func req
Why is evaluation criteria written?
After the solution has been in operation for a while, it will help to check whether or not the solution has solved the original problem
List 4 sections that make up a SRS
1) an introduction
2) a description of the proposed solution
3) specific requirements of the software solution 4) description of the environment in which the solution will operate.
If a person who wishes to create a new solution is constantly wanting to add new features to the solution that weren’t agreed on initially, how can writing an SRS beforehand help with this?
A SRS often forms the basis of a legal
contract as it is agreed upon by both developer and client, and if this was done
correctly at the start then it would have been clear what is expected to be included in
the solution.
What must be included in a testing table and how can it assist in ensuring the output is accurate?
1) What needs to be tested
2) Test data to be used for the test
3) Expected Result
4) Actual Result
A testing table can ensure that the solution works wihtout error and all parts of the solution are working fine from looking at the expected and actual values
Which structural characteristic makes XML files distinguishable from other types of files?
The inclusion of a prolog or declaration statement
Why is a dropdown list better to use than a text box?
It ensures that the range of options to select are limited-> meaning that the data will be complete and reasonable, not requiring any validation for spelling errors. Typing the data in the text box could lead to errors if not typed correctly.
Explain why constructing the test data that checks boundary values is a key part of checking that the solution meets the design specifications
Boundary values/testing checks whether certain conditions within solutions execute as intended
What is an appropriate backup strategy, and justify why
Strategy:
A full backup conducted every week, in conjunction with a differential backup every night (daily). Data must be stored onto an off-site location such as cloud storage.
Justification:
This strategy will ensure that all the data is backed up in a regular and consistent manner and data loss is minimised to the last differential backup which can be restored efficiently.
Advantages of internal documentation
1) Helps future programmers in understanding the code if they have to make modifications
2) Reduces the cost for code maintenance, as the progammer can easily identify what the solution does which would reduce maintenance cost
Propose a usability test
1) Users/clients test the solution
2) Complete a survey rating their user experience
3) Provide feedback on improvements and general comments
Justify a security PROTOCAL that could be used to protect data that is transmitted
SSL/TSL, which uses encryption to protect the data that is sent between systems/servers, ensuring that the data is not read by unauthorised people, maintaining the data’s integrity/confidentiality.
How many passes and swaps in a selection sort?
n-1 passes
n-1 swaps
What is compiling?
Translating source code (human readable) to machine code (such as binary code)
What does the term ‘specification creep’ refer to?
When clients add new features to the requirements during the development stage
What are the parts of a SRS?
- Introduction
- Description of proposed solution
- The requirements of the solution
- Description of the environment that the solution will operate in
Which part of the SRS includes constraints?
- Description of the proposed solution
What is a validation technique?
Used to minimise the entry of inaccurate data, by checking the reasonableness of the input data
What is testing briefly?
Testing is checking that the solution is free from errors
What are 2 techniques that viruses use to hide from anti-virus software
1) Self-encryption, they include code that encrypts the virus to avoid signature detection
2) They include code that specifically tries to counter-attack the type of scan that the anti-virus software does. The virus tries to intercept the scan and send an ‘OK’ signal back
For data collection, why can observations be useful?
To see the interactions that take place within the system
For data collection, who should you interview the most?
The person wanting to create the solution, as they have the most in-depth knowledge, and the interview would allow for a wide range of questions to gain immediate feedback regarding the requirements of the solution
What is involved in usability testing?
Useful tool that can be implemented to improve the functionality of the solution. A group of users are given access to the current version of the code and are asked to perform certain tasks. They then have to provide feedback on how easy it was to perform those tasks and other general feedback regarding the user interface and improvements.
What are the processing features of programming languages?
- Instructions
- Methods
- Functions
- Control structures
NOT data structures!!
What type of validation check would ensure that the user only types in a whole number as input?
Type check
Difference between Method & Event
A method is a command that is used to directly interact with objects to change their behaviour,
whereas events are a detected change of state, triggered by a user interaction.
What data type is “subList”, “i” and “A[]”, in a selection sort algorithm pseudocode?
sublist = integer
i = integer
A[] = 1D Array
Describe how iteration works
A number of tasks are performed a set number of times or until a condition is met
What are the basic steps of writing an algorithm from scratch?
1) Defining what needs to be achieved (what is the goal of the program?
2) Determing what information is required in order to achieve this goal
Outline what is typically involved in the testing of a solution
Testing involves first selecting appropriate functions to check, then selecting a range of data that would test all boundaries of the solution to calculate expected results. The tests are then run on the program to get actual results, comparing them with the expected results.
What is the purpose of object descriptions and what do they contain?
They assist with the planning of the structure and content of objects that are incorporated in the design of the solution.
They contain information such as the methods and events associated with an object
Distinguish between an organisational goal and organisational objective
An organisation goal is a broad outcome that the organisation strives to achieve in the future, whereas an organisational objective is a measureable target that can be achieved in a short period of time and supports the goals.
Outline 3 tasks that will be involved with analysing the INFORMATION system
- Scope
- Requirements
- Constraints
Why are the 3 methods of validation checking in order from existence, type and range.
Existence checking looks at whether the user has entered anything as input. This must come before a type check, as a type check looks at whether the data that is entered is the right type or not, and for this to occur the data must exist.
A range check is last as it won’t work unless the data has been validated to be the correct type.
What is robustness and how can it be a useful consideration for a system
Robustness is how well a solution responds to unexpected input. If there are users with a range of ability/expertise, the solution must be able to handle this unexpected input.
Explain how creating a SRS at the beginning of the process would avoid the problem of the user wanting to include additional functionality once the solution has been developed
A SRS often forms the basis of a legal contract as it is agreed upon by both developer and client, and if this was done correctly at the start then it would have been clear what is expected to be included in the solution, (functional/non-functional requirements)
Explain how a binary search works
A divide and discard algorithm, that repeatedly divides the array in half by comparing the middle element with the target value. If it doesn’t match, it will search the data to the left of the element in the middle if it is less than that element, otherwise it will search the data to the right of it. This process continues until the element is found or the interval is empty.
Why does not including intenral documentation actually lead to higher costs for the developer?
Debugging the program will take longer as programmers will have more trouble understanding the purpose of the code, leading to more maintenance time, and thus the developer has to pay the progammers more money, increasing the costs.
Unified Modelling Language is used to?
Develop system scope and constraints
What is DOCUMENTED in a SRS, and why is it important?
A SRS documents the analysis of an information problem, and it is important as it forms an agreement between the client and the developer as to exactly what needs to be made so that the design stage can start
Describe how validation is used in the design stage AS WELL as the development stage
Design stage:
Validation involves how data will be coded, processed and output.
Development stage:
It involves preventing errors and determining if data input is reasonable
When testing an algorithm for logic errors, what should be included in the TEST DATA?
Boundary conditions, including maximum, minimum, in between and outside the range values, to prevent errors and identify any holes
Describe logbooks as a method of recording the progress of a project
They keep track of all the changes, including any problems. This record can be useful for future projects to refer to and learn from.
What are run-time errors?
EXceptions hat occur when something happens that was not planned for causing the
program to crash
What are logic errors?
An error that causes the program to produce unexpected results
Describe how annotations of gantt charts can be used to record the progress of a project
They allow the tasks to be visually represented, resources, allocated to each task and their progress monitored. This is important to record any changes in resources, completion of tasks or changes to critical deadlines.
Why is using OFFSHORE cheap cloud storage bad?
1) When data is stored in another country then it is susceptible to that country‟s privacy and confidentiality laws that may differ significantly from Australia‟s privacy laws, and they may ask to hand over the data
2) The potential for unauthorised access
is greater which could result in a breach
What does an object description table include?
Name, type, event and description
What does an attribute listing table include?
Storage type, object, platform, programming language, authentication method
‘If your data/information is protected there is no chance of data being damaged’ Is this true?
No, as there can still be potential security risks and breaches, which could damage data. Users/companies need to ensure that security measures are in place but there still might be a possibility of intrusion/attacks.
Describe XML files
XML Files are used for storing and transmitting data, using custom tags to describe the structure and other features
Difference between http and https protocols
HTTP is the protocol over which data is sent between a browser and the website that the user is connected to.
The ‘S’ at the end of HTTPS stands for ‘Secure’ which means that the communication between the browser and the website is encrypted.
HTTP is used in public sites, while HTTPS is used for transferring private data.
How can a privacy policy be used as a security technique in protecting client’s RIGHTS
The privacy policy can ensure that the clients data is properly collected, stored, used or disclosed, with the users consent, also allowing them to have access to their data at any time
How can user authentication be used as a security technique in protecting client’s RIGHTS
It ensures that only authorised users can access the system, preventing data breaches, protecting the user’s privacy and rights to their data
Explain what cloud computing is
Cloud computing is a type of Internet-based computing, where servers, storage and
applications are delivered over the internet.
Advantage and disadvantage of using a cloud service
Advantage:
24/7 access from any device anywhere
Disadvantage:
requires Internet connection, system may be down and therefore no access
Why should you have both a full backup AND an INCREMENTAL backup
Because if there is a full back in place on Fridays and the system goes down in the middle of the week, data from Monday to Wednesday will be lost.
What is acceptance testing and why is it good?
Ensuring that everything is operating as it should. It will help to provide feedback to the developers on any problems or faulty procedures that are arise
When should you look at the evaluation criteria to determine the success of the system
6 months, after the solution has been in operation for a while
2 Advantages of using naming conventions
1) Makes it easier to debug the program
2) Makes it easier to see the functions of variables (scope, purpose)
Benefits of drawing an annotated diagram
1) You can have a clear idea of what the solution will look like
2) Can be used to show the client and gain feedback
Briefly explain what a hash function does
Maps a value to an index based on a rule, making data in a list easier to find
Main Advantage of using hash functions over 1D arrays
It is easier to locate values or determine if they are present, rather than checking all of the values in a 1D array
List 2 key features of mockups that should be included
1) Colour schemes
2) Positionand size of controls (buttons, etc)
Identify how a software would differentiate an XML file from other types of text files
From its header/declaration statement, which includes the version of XML
Explain how an XML file would be used by a software solution to DISPLAY DATA IN THE CORRECT FORMAT ON THE SCREEN
XML files use self descriptive tags to describe data and give it structure. The solution can
read these tags and use them to place data in the correct places.
When developing criteria for evaluating effectiveness/efficiency of a software solution, what is the most IMPORTANT consideration?
That the requirements and constraints documented in the SRS will be met
If manufactured data is accidentally stored with an actual data set, what characteristic of data integrity will be affected most?
1) Authenticity
Justify the use of XML files rather than CSV files when transferring data between different servers/systems
XML has the benefit of having self-describing tags and which gives a lot more flexibility
in the way that data is stored and communicated, whereas CSV files would require additional documentation to describe the values
Identify the XML Element type from below:
<Appointment>
</Appointment>
Attribute
What are 2 actions that a company should take when DECOMMISSIONING the database
1) Backing up
2) Archiving/Disposal
2 Advantages of archiving data
1) Frees up storage space to include new client’s data
2) Regular backups will take less time as there are less files
Explain how agile development results in a more finished product
Upon completion of each phase in the agile model, the client is consulted and changes are made, which may lead to phases being revisited. The client is able to make adjustments during development, resulting in a better product.
Describe 2 strategies that can be used to ensure that a project does not miss its scheduled milestones
1) Ensuring enough slack time between tasks, catering for any delays to tasks
2) Proper assignment of resources and people to tasks so that they can be completed on time
Types of constraints
1) Economic
2) Legal
3) Technical
4) Social
5) Usability
Advantage of using a record data structure to store the contents of an XML file rather than a NUMBER of 1D arrays
1) The data is kept together, whereas with many ID arrays, this data can easily be separated and not in sync
What are the legalities of gathering browsing data from clients to provide them with targeted advertising
The company would require the consent of the individuals under the Privacy Act (1988), and the users should have the ability to opt out whenever they want to.
Describe 2 consequences of skipping the final testing stage, which involves comparing the functioning of the APP to the SRS
1) The company may not have the opportunity to ensure that all of the requirements in the SRS have been addressed
2) The company may not be able to test the compatibility with different devices
Describe 2 changes that could be made to allow for some features to be added to an update to a software solution to allow the developo to better evaluate how the software is being used and received by clients
1) Include a section that logs all the transactions,
2) Gathering feedback from the clients within the app (“how are you liking the app so far”) shi
What is the characteristic of a string
A collection of individual ASCII characters
What type of constraint would availability of physical hardware be?
Technical
Explain the risk of a power surge to data and how to protect against it
A power surge is a type of event-based threat that may cause all hardware to lose power and, potentially causing data loss. UPS can prevent this, providing backup power for a limited time to safely shutdown the system
Explain the risk of a phishing email to data and how to protect against it
A phishing email poses a deliberate threat in that it may allow phishers access to the records
system by gaining credentials that can be used to login. This can be prevented by educating staff about the dangers of phishing
Explain how 2 people who never have physically met can use public key cryptography to send data between them securely over the internet
They can do this through TLS which uses asymmetric encryption. The person requesting the data can send the other person a public key through which he can generate a ciphertext from
plaintext and send to the first person who would be the only person able of reading the
encryption through decrypting it with his unique private key. Hence data is sent securely.
What are 2 types of data that can be retrieved through data mining that could be kept by a company that offers free-wifi instore
1) Customers search history-> to advertise products that they are looking for
2) How long customers stay in store to tailor store experience to that
For data collection, how can surveys be useful?
As they are easy to manage and carry out and also cheap. They will provide insight on the users expectations and to identify most common needs.
Give an example of a technical constraint on an app with different users
The users will have different devices running platforms
Can a process have the same data coming in and out?
No
Does a process NEEED to have data flow to external entities?
No
How can affordance NOT be demonstrated in a mockup?
1) Lack of structure in the way elements are placed on the screen, in the wrong areas
2) Unclear process of doing things
In a DFD, an entity represents..
A person or company outside the system that receives or provides data
Propose a strategy that could be used in case a new solution’s update causes some errors
To assign an extra person to the project team and being tasked with solving this problem
What is interoperability
The capability of solutions to communicate with one another more freely and easily
What are examples of technical constraints?
1) Speed of processing
2) Capacity
3) Availability of equipment
4) Compatibility
5) Security
Examples of social constraints
1) Level of user expertise
2) Availability of technical support staff
3) Time available to develop solution
Examples of Usability constraints
1) Ease of use
2) Usefulness
What is usefulness
The measure of the ability of something to satisfy need.
What is GIGO? (garbage in, garbage out)
Process that describes what happens when invalid input data is entered into the solution, potentially resulting in the program crashing, etc.
What are some problems that could arise from not updating a Gantt Chart
1) Milestones may not be met
2) Some tasks may begin that depend on other tasks being finished first, leading to confusion and wasted time
What do UCD’s not represent well
Algorithmic processes
